CVE-2017-5671
CVE-2017-5671
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriting the /etc/shadow file.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/41754/unverifiedexploitdbwww.exploit-db.com/exploits/41754unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://apps.intermec.com/downloads/eps_download/Firmware%20Release%20Notes%20x10_11_013310.pdfhttps://akerva.com/blog/intermec-industrial-printers-local-root-with-busybox-jailbreak/https://github.com/kmkz/exploit/blob/master/CVE-2017-5671-Credits.pdfhttps://www.exploit-db.com/exploits/41754/http://www.securityfocus.com/bid/97236